Joe Grandja is a core committer on the Spring Security team. He has been leading the efforts in building the next generation of OAuth2 and OpenID Connect support in Spring Security and Spring Authorization Server.
With over 25 years of industry experience, Joe has been a Solution Architect, a Software Engineer, a Team Lead, and a Consultant. His past experience has been mainly focused in the Financial Services sector in the Toronto, Canada, area. He has designed, built, and delivered enterprise grade banking applications and platforms in the Personal and Commercial and Brokerage and Investing divisions. He has worked closely with the InfoSec teams within banks to ensure security and regulatory compliance.
On behalf of the team and everyone who has contributed, it is my pleasure to announce the releases of Spring Authorization Server 2.0.0-M2, 1.5.2 and 1.4.5.
See the 2.0.0-M2, 1.5.2 and 1.4.5 release notes for complete details.
To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration.
On behalf of the team and everyone who has contributed, it is my pleasure to announce the milestone release of Spring Authorization Server 2.0.0-M1.
See the 2.0.0-M1 release notes for complete details.
To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration.
On behalf of the team and everyone who has contributed, it is my pleasure to announce the releases of Spring Authorization Server 1.5.1, 1.4.4 and 1.3.7.
See the 1.5.1, 1.4.4 and 1.3.7 release notes for complete details.
To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration.
On behalf of the team and everyone who has contributed, it is my pleasure to announce the release of Spring Authorization Server 1.5.
The 1.5 release contains a few noteworthy new features:
To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration.
On behalf of the team and everyone who has contributed, it is my pleasure to announce the releases of Spring Authorization Server 1.5.0-RC1, 1.4.3 and 1.3.6.
See the 1.5.0-RC1, 1.4.3 and 1.3.6 release notes for complete details.
To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration.
On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Security 5.7.17, 5.8.19, 6.0.17, 6.1.15, 6.2.11, 6.3.9, and 6.4.5 are available now which fix CVE-2025-22234.
Please refer to the releases page for more details.
Commercial customers using Spring Boot 2.7, 3.0, 3.1, or 3.2 will be able to update to Spring Boot 2.7.24.2, 3.0.19.2, 3.1.15.2, or 3.2.13.2 respectively to receive the corresponding Security releases 5.7.17, 6.0.17, 6.1.15, and 6.2.11. These Security versions are available now on the Spring commercial artifact repository and can be accessed with a Spring Enterprise Subscription…
On behalf of the team and everyone who has contributed, it is my pleasure to announce the release of Spring Authorization Server 1.5.0-M2.
See the 1.5.0-M2 release notes for complete details.
To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration.
On behalf of the team and everyone who has contributed, it is my pleasure to announce the releases of Spring Authorization Server 1.5.0-M1, 1.4.2 and 1.3.5.
See the 1.5.0-M1, 1.4.2 and 1.3.5 release notes for complete details.
To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration.
On behalf of the team and everyone who has contributed, it is my pleasure to announce the release of Spring Authorization Server 1.4.
The 1.4 release contains a few noteworthy new features:
HttpSecurity.with() (gh-1725)prompt=none parameter (gh-501)On behalf of the team and everyone who has contributed, it is my pleasure to announce the releases of Spring Authorization Server 1.4.0-RC1, 1.3.3 and 1.2.7.
See the 1.4.0-RC1, 1.3.3 and 1.2.7 release notes for complete details.
To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration.
VMware offers training and certification to turbo-charge your progress.
Learn moreTanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.
Learn moreCheck out all the upcoming events in the Spring community.
View all